package team.pwy.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.config.annotation.web.configurers.DefaultLoginPageConfigurer;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

import static org.springframework.security.config.Customizer.withDefaults;


/**
 * 放行所有的请求的url
 */
@Configuration
public class WebSecurityConfig {
    @Bean
    public WebSecurityCustomizer webSecurityCustomizer() {
        // WebSecurityCustomizer是一个类似于Consumer<WebSecurity>的接口，函数接受一个WebSecurity类型的变量，无返回值
        // 此处使用lambda实现WebSecurityCustomizer接口，web变量的类型WebSecurity，箭头后面可以对其进行操作
        // 使用requestMatchers()代替antMatchers()
        return (web) -> web.ignoring().requestMatchers(new AntPathRequestMatcher("/endpoint"));
    }
//    @Bean
//    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
//        http
//                //使用authorizeHttpRequests()代替authorizeRequests()
//                .authorizeHttpRequests((authz) -> authz
//                        //这种写法被称为Lambda DSL，代替原来的and()链式操作
//                        .anyRequest().authenticated()
//                )
//                .httpBasic(withDefaults());
//        // 需要进行build()，返回SecurityFilterChain
//        return http.build();
//    }

}
